mirrors/thebadspace
1
0
Fork 0
mirror of https://koodu.h-i.works/projects/thebadspace synced 2025-05-06 14:41:02 -05:00
Code Packages Releases Activity

SQL Exploit Patch

Browse Source 
Quick fix to patch up a common SQL exploit.
This commit is contained in:
Ro 2023-09-21 13:46:14 -07:00
parent aa8daaf895
commit fb2d34a008
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
app/Http/Controllers/FrontIndexController.php
View File

@ -34,9 +34,8 @@ class FrontIndexController extends Controller
$rawSearch = $terms; $rawSearch = $terms;
$terms = str_replace(",", "", $terms); $terms = str_replace(",", "", $terms);
$terms = str_replace(" ", "|", $terms); $terms = str_replace(" ", "|", $terms);
$raw = DB::select("SELECT * FROM searchlocations('$terms')"); $raw = DB::select("SELECT * FROM searchlocations(?)", [$terms]);
$results = []; $results = [];
foreach ($raw as $item) { foreach ($raw as $item) {
if ($item->block_count > 2) { if ($item->block_count > 2) {
array_push($results, $item); array_push($results, $item);